Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.When a user arrives at the order/%/thankyou page, they can refresh the page as many times as they like and it will resend the order confirmation emails every time.
In addition to this, the user can change the order id in the path and resend the confirmation emails for any order they like!
I'm working on a fix for this for my client - I will post a patch when I have finished.
| Comment | File | Size | Author |
|---|---|---|---|
| #1 | tweak-thankyou-callback-to-prevent-multiple-refreshes-1170632-1.patch | 1.65 KB | andymantell |
Comments
Comment #1
andymantell commentedI have made a patch to fix this functionality. Looking at the default implementation of uc_cart_checkout_complete() in uc_cart.pages.inc I have carried across the use of $_SESSION['cart_order'] followed by checking if the $order object is empty before completing the sale. uc_cart_complete_sale() empties out the order session variable thereby ensuring that this callback only gets run once.
In addition uc_cart_complete_sale() empties the cart, so I have removed the additional call to uc_cart_empty().
Comment #2
md2 commentedTested the patch from #1 and can confirm it fixes the issue.
Comment #3
Deimos-dupe commentedI've also applied this patch and it seems to work fine. Orders are coming through as expected and I'm unable to cause repeat emails to be sent.
Comment #4
andymantell commentedComment #5
leo pitt commentedThanks - I have added this patch to the dev version, please try it out.
Comment #6
dwigglesworth commentedI have also applied patch #1 and found the re-sending of order confirmation emails has been prevented for the the order/%/thankyou page.
Comment #7
leo pitt commentedFixed in 6.x-1.5